US20020010856A1 - IC, IC-mounted electronic device, debugging method and IC debugger - Google Patents

IC, IC-mounted electronic device, debugging method and IC debugger Download PDF

Info

Publication number
US20020010856A1
US20020010856A1 US09/784,151 US78415101A US2002010856A1 US 20020010856 A1 US20020010856 A1 US 20020010856A1 US 78415101 A US78415101 A US 78415101A US 2002010856 A1 US2002010856 A1 US 2002010856A1
Authority
US
United States
Prior art keywords
circuit
debug
authentication
key
transmission key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
US09/784,151
Other versions
US7080258B2 (en
Inventor
Yusuke Kawasaki
Shigeru Hashimoto
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Fujitsu Ltd
Original Assignee
Fujitsu Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Fujitsu Ltd filed Critical Fujitsu Ltd
Assigned to FUJITSU LIMITED reassignment FUJITSU LIMITED ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: HASHIMOTO, SHIGERU, KAWASAKI, YUSUKE
Publication of US20020010856A1 publication Critical patent/US20020010856A1/en
Application granted granted Critical
Publication of US7080258B2 publication Critical patent/US7080258B2/en
Adjusted expiration legal-status Critical
Expired - Fee Related legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/36Preventing errors by testing or debugging software
    • G06F11/362Software debugging
    • G06F11/3648Software debugging using additional hardware
    • G06F11/3656Software debugging using additional hardware using a specific debug interface
    • GPHYSICS
    • G01MEASURING; TESTING
    • G01RMEASURING ELECTRIC VARIABLES; MEASURING MAGNETIC VARIABLES
    • G01R31/00Arrangements for testing electric properties; Arrangements for locating electric faults; Arrangements for electrical testing characterised by what is being tested not provided for elsewhere
    • G01R31/28Testing of electronic circuits, e.g. by signal tracer
    • G01R31/317Testing of digital circuits
    • G01R31/31719Security aspects, e.g. preventing unauthorised access during test

Definitions

  • the present invention relates to an IC, an electronic device, a method for debugging the IC, a method for debugging the electronic device, and a debugger, having a security function for preventing a spurious acquisition of a behavior of an internal circuit of the IC.
  • FIG. 9 is an explanatory diagram of the prior art.
  • an LSI 110 is provided with a CPU 200 , a peripheral circuit 300 , and a bus 600 for connecting therewith.
  • the CPU 200 acquires data or programs from the peripheral circuit 300 , and processes the data, and outputs them to the peripheral circuit 300 .
  • the CPU 200 is provided with a debug I/F (interface) circuit 400 via another bus 500 .
  • An external debug controller 100 of the LSI 110 is connected to the debug I/F 400 , and supplies a clock CLK, and inputs a signal SIN, and obtains an output SOUT.
  • This debug I/F circuit 400 is exploited for acquiring a behavior (contents of a program counter, a register, or the like) of the CPU 200 at the time of developing the device, and in the case where the device is shipped to a field, the debug I/F circuit 400 is similarly exploited at the time of the occurrence of a fault, and at the time of diagnosing the device.
  • a security function is not provided in the prior art with respect to an access from the debug I/F 400 , as described above.
  • a debug I/F terminal In the device which does not require a conventional normal security, a debug I/F terminal is seen from outside irrespective of the time of being unused/the time of being used, and is entirely defenseless for the exploitation by the third person. For this reason, in the case of the device shipped to the field, the third person uses the debug I/F terminal, so that a behavior of a central processing unit (CPU) can accurately and readily be made reverse engineering, and it needs high-performance in security.
  • CPU central processing unit
  • an IC comprising an internal circuit; a debug I/F circuit for debugging the internal circuit from externally; and an authentication circuit which is provided between the debug I/F circuit and a debug terminal, and when the debug I/F circuit is activated, transmits a transmission key from the debug terminal to outside, and authenticates from a signal received from the debug terminal and a transmission key, and enables operation of the debug I/F circuit.
  • an electronic device mounting with an IC comprising an internal circuit; a debug I/F circuit for debugging the internal circuit from externally; and an authentication circuit which is provided between the debug I/F circuit and the debug terminal, and when the debug I/F circuit is activated, transmits the transmission key from the debug terminal to outside, and collates the signal received from the debug terminal with the transmission key, and enables operation of the debug I/F circuit.
  • a debugging method comprising the steps of transmitting the transmission key to externally when the debug I/F circuit is activated; and authenticating the signal received from externally and the transmission key to enable operation of the debug I/F circuit.
  • a debugger for debugging an IC comprising an internal circuit; a debug I/F circuit for externally debugging the internal circuit; and an authentication circuit which is provided between the debug I/F circuit and the debug terminal, and when the debug I/F circuit is activated, transmits the transmission key from the debug terminal to outside, and collates the signal received from the debug terminal with the transmission key, and enables operation of the debug I/F circuit, further comprising: the discrimination device which is provided between a debug unit and the debug I/F circuit, and receives the transmission key to encode it by a predetermined key, and transmits the reception signal.
  • the authentication step has a step of canceling a reset signal to the debug I/F circuit for enabling of the operation.
  • the authentication circuit cancels the reset signal to the debug I/F circuit for enabling of the operation. For this reason, even if authenticated, it is possible to realize by cancellation of the existent reset.
  • the authentication circuit forms an authentication key that is encoded the transmission key by a predetermined key, and compares the reception signal with the authentication key.
  • the authentication step has a step of forming the authentication key that is encoded the transmission key by the predetermined key, and of collating the reception signal with the authentication key. As encoded, the higher security is possible.
  • the authentication circuit awaits a time of the operation enabling.
  • the authentication step has a step of waiting a time of the operation enabling. Before and after judgment of a serial data key, a waiting time is provided after the end of agreement judgment by use of a timer. For this reason, even if the third person inputs any cryptographic key data, it takes much time to obtain authentication results (reset). This causes to prevent the use of the spurious debug I/F by the third person, and furthermore when retrying several times, it takes enormous time.
  • the authentication circuit forms the transmission key with random numbers, whereby each time serial data (transmission key) to be transmitted are activated, the random numbers are based, so that the serial data are set as transmission and reception data different every time, rendering the analysis thereof difficult.
  • FIG. 1 is a block diagram of an LSI according to an embodiment of the present invention.
  • FIG. 2 is an explanatory diagram of an authentication processing of FIG. 1;
  • FIG. 3 is an explanatory diagram of a debugging method of the LSI of FIG. 1;
  • FIG. 4 is an explanatory diagram of preventing a spurious access to the LSI of FIG. 1;
  • FIG. 5 is an explanatory processing of another authentication processing of FIG. 1;
  • FIG. 6 is an explanatory diagram of an electronic device mounting the LSI of FIG. 1;
  • FIG. 7 is a block diagram of a peripheral circuit of FIG. 1;
  • FIG. 8 is a configuration diagram of a POS system mounting the LSI of FIG. 6;
  • FIG. 9 is an explanatory diagram of the prior art.
  • FIG. 1 is a block diagram of an LSI and a debug mechanism according to a first embodiment of the present invention
  • FIG. 2 is an explanatory diagram of the authentication processing
  • FIG. 3 is a diagram for explaining operation at the time of a due use
  • FIG. 4 is a diagram for explaining operation at the time of a spurious use.
  • reference numeral 2 denotes a system LSI with a CPU, and a debug I/F utilization authentication circuit according to the present invention is provided to the LSI 2 .
  • Reference numeral 1 denotes an external debug controller for utilizing the debug I/F inside the LSI 2 .
  • Reference numeral 3 denotes a discrimination device, which is used by interposing it between the LSI 2 and the debug controller 1 , so as to interlock with the authentication circuit inside the LSI 2 and authenticate.
  • the LSI 2 has a debug I/F circuit 2 - 1 , a CPU 2 - 2 , a debug bus 4 - 1 for connecting an I/F circuit 2 - 1 and the CPU 2 - 2 , and a peripheral circuit 2 - 12 connected to a CPU bus 4 - 2 .
  • the peripheral circuit 2 - 12 is different according to the use of LSIs, for example, an electronic money funds transferring circuit that will be explained in FIG. 6 on.
  • the authentication circuit is provided in this CPU bus 4 - 2 .
  • a structure of the authentication circuit is explained.
  • a port 4 - 2 receives write data of the CPU 2 - 2 from the bus 4 - 2 .
  • a register 2 - 5 stores a debug I/F utilization transmission key formed by the CPU 2 - 2 .
  • a register 2 - 8 stores an authentication key formed by the CPU 2 - 2 .
  • a transmission circuit 2 - 4 transmits the transmission key of the register 2 - 5 in synchronism with a clock supplied by the discrimination device 3 .
  • a shift register 2 - 6 receives a cryptographic key returned from the discrimination device 2 .
  • An agreement detection circuit 2 - 9 compares a cryptographic key of the shift register 2 - 6 with an authentication key of a register 2 - 8 , and detects an agreement.
  • a timer circuit 2 - 7 starts counting clocks in response to an agreement detection output of the agreement detection circuit 2 - 9 , and forms a signal for canceling a reset signal to the internal debug I/F circuit 2 - 1 after a constant time.
  • a reset gate 2 - 11 cancels an input to the debug I/F circuit 2 - 1 of the reset signal according to a reset cancellation signal.
  • a reception-enabling gate 2 - 10 enables the shift register 2 - 6 which fetches in data from a signal input terminal SIN in response to a reception-enabling signal from a transmission circuit 2 - 4 .
  • the discrimination device 3 is provided with a key reception circuit 3 - 1 .
  • the key reception circuit 3 - 1 transmits clocks and receives the aforesaid transmission key, and encodes it by a key determined previously and transmits the cryptographic key.
  • the LSI 2 and discrimination device 3 are turned on and activated. Then, a clock is supplied from the discrimination device 3 to the debug I/F 2 - 1 of the LSI 2 . Concurrently, the CPU 2 - 2 is activated in the LSI 2 , and the LSI 2 forms the debug I/F utilizing transmission key and authentication key by a firmware, and writes them into the registers 2 - 5 , 2 - 8 via the bus 4 - 2 and port 2 - 3 . At this time, the transmission key is formed based on a random number, and then the authentication key is generated by encoding the transmission key by a predetermined key.
  • the transmission circuit 2 - 4 transmits the transmission key in synchronism with a clock supplied by the discrimination device 3 .
  • the key transmission and reception circuit 3 - 1 in the discrimination device 3 receives the transmission key, and encodes the transmission key by the key determined previously, and transmits the cryptographic (encoded) key.
  • the predetermined key at this time is same as the key used a little while ago by the firmware in the LSI 2 .
  • the shift register 2 - 6 receives the returned the cryptographic key, and the agreement detection circuit 2 - 9 compares it with the authentication key of the register 2 - 8 , and only in the case where agreed, the agreement detection circuit 2 - 9 transmits the agreement detection to the timer circuit 2 - 7 .
  • the timer circuit 2 - 7 waits for a constant time, and canceled a reset signal to the internal debug I/F 2 - 1 by the gate 2 - 11 .
  • the debug I/F circuit 2 - 1 of the LSI 2 can be utilized. Namely, the reset signal is transmitted from the debug controller 1 to the LSI 2 , and resets the debug I/F circuit 2 - 1 , and utilizes the debug I/F circuit 2 - 1 , and can access the CPU 2 - 2 .
  • a LSI provider offers the LSI 2 and discrimination device 3 to a developer for an apparatus.
  • the encryption key of the LSI 2 is same with the encryption key of the discrimination device 3 .
  • the developer mounts the LSI 2 on the target board 7 , and develops the device.
  • the LSI 2 is connected to the discrimination device 3 , which is connected to the debug controller 1 , the PC interface board 6 , and the personal computer 5 .
  • the discrimination device 3 intervenes therebetween, the above authentication sequence works to cancel a reset, so that the debugger on the PC 5 can utilize the debug I/F circuit 2 - 1 .
  • the discrimination device 3 is connected, thereby utilizing the debugger on the PC 5 .
  • a security technique such as a conventional password authentication, etc.
  • the security function is not performed, and the password is easy to elucidate by retrying.
  • the security technique is unfit as a security mechanism of the LSI 2 to be presented to a great number of users.
  • the security since in order to realize the security with a set of the discrimination device 3 and LSI 2 , the security is carried out by the physical connection and authentication algorithm, the high security is enabled. Furthermore, the spurious engineering by the PC 5 is difficult.
  • the reception operation of the shift register is conducted for a constant time after the transmission key is transmitted, and only one time reception is made at the time of one time activation, and since if data are repeatedly input, not accepted, the engineering is difficult.
  • the key transmission and reception circuit 3 in the discrimination device 3 receives the transmission key, and encodes the transmission key by the key determined previously, and transmits the cryptographic (encoded) key.
  • the predetermined key at this time is same with the key used a little while ago by the firmware in the LSI 2 .
  • the discrimination 3 annexes a user ID and transmits it to the LSI 2 .
  • the shift register 2 - 6 receives the returned cryptographic key, and the agreement detection circuit 2 - 9 compares it with the authentication key of the register 2 - 8 , and only in the case where agreed, the agreement detection circuit 2 - 9 transmits the agreement detection to the timer circuit 2 - 7 .
  • the timer circuit 2 - 7 waits for a constant time, the timer circuit 2 - 7 cancels an input of the reset signal to the internal debug I/F 2 - 1 of the gate 2 - 11 .
  • the user ID is logged. For this reason, if information of the transmission key should be leaked, it is possible to specify which user has leaked, from the logged user IDs.
  • the description device 3 adopts a method of encoding the received transmission key and use ID by the key, thereby preventing that the user ID is readily changed.
  • FIG. 6 is an explanatory diagram of an example to which the system LSI 2 is applied
  • FIG. 7 is a structural diagram of a peripheral circuit of the LSI 2 in this application example
  • FIG. 8 is an explanatory diagram of the electronic devices.
  • the system LSI 2 is a card funds transferring LSI, and has a debit card funds transfer function 40 , a credit card funds transfer function 41 , an electronic money funds transfer function 42 , and other service functions 43 .
  • the LSI 2 is connected to an IC card reader/writer 30 , a magnetic card reader 31 , and a display and key 32 .
  • the LSI 2 is connected to a receipt printer 33 .
  • These funds transfer functions 40 to 43 are realized by execution of the programs of the CPU 2 - 2 of the LSI 2 .
  • a card funds transfer function is imparted to various electronic devices 50 to 57 .
  • These electronic devices are, for example, a POS (point of sales) reader/writer 50 , an integrated terminal 51 , a mobile terminal 52 , an ATM (automatic teller machine) 53 , an automatic vending machine 54 , a PDA (personal digital assistant) 55 , a portable telephone 56 , and a PC (personal computer) 57 .
  • the peripheral circuit 2 - 12 of the LSI 2 for the card funds transfer will be explained with reference to FIG. 7.
  • the peripheral circuit 2 - 12 has a smart card controller 60 , a MS (Magnetic stripe) control circuit 61 , a LCD control circuit 62 , a matrix KB control circuit 63 , a memory controller 64 , and serial I/O ports 69 to 72 .
  • the above LSI 2 indicates a condition of being mounted on the target board 7 , and for clarity of description of the LSI 2 , only the CPU 2 - 2 and peripheral circuit 2 - 12 ( 60 - 64 , 69 - 72 ) are shown.
  • the LSI 2 includes the debug I/F 2 - 1 and the authentication circuit.
  • the smart card controller 60 reads/writes data of the IC card (called a smart card) via the IC card reader/writer 30 .
  • the MS control circuit controls the MS (magnetic stripe) reader 31 .
  • the LCD control circuit 62 controls a display of the LCD (liquid crystal display) 32 - 1 .
  • the matrix KB control circuit 63 recognizes an input of a ten key 32 - 2 .
  • the memory controller 64 control an input/output into/from various memories (a ROM 65 , a SRAM 66 , a FLASH 67 , a SDRAM 68 ) on the board 7 .
  • the serial ports 69 to 72 are connected to drivers 73 to 75 of the port 7 for inputting and outputting the serial data. These are each connected to the CPU bus 4 - 2 .
  • FIG. 8 is a system configuration diagram of the electronic device mounting a funds transferring LSI, showing a POS (point of sales) system.
  • the network 35 is connected to a store controller 20 and a plurality of POS terminals 10 .
  • the POS terminals 10 are connected to the IC card reader/writer 30 .
  • the store controller 20 and the plurality of POS terminals 10 are provided with the above funds transferring LSIs (called an IFD), which exchanges directly funds transfer data.
  • An IC card 34 - 1 for customers is exchanged messages with a POS IC card 34 - 2 via the IFD 2
  • the POS IC card 34 - 2 is exchanged messages with the IC card 34 - 2 of the store controller 20 via an IFD 2 , a terminal controller 11 , a network 35 , the terminal controller 11 , and the IFD 2 .
  • a customer's data of the IC card 34 - 1 are stored in the POS IC card 34 - 2 via the IFD 2 .
  • the stored data of the POS IC card 34 - 2 are stored in the IC card 34 - 2 of the store controller 20 via the IFD 2 , the terminal controller 11 , the network 35 , the terminal controller 11 , and the IFD 2 .
  • an authentication mechanism according to the present invention is, in particular, valid for such uses.
  • the reset signal is canceled by the authentication, but a gate may be provided at a clock input side of the debug I/F 2 - 1 , so that a clock input is enabled by the authentication.
  • the waiting time are provided by the timer after the agreement judgment, but the waiting time may be performed for the judgment by the timer before the agreement judgment.
  • the authentication circuit is provided between the debug I/F circuit and the debug terminal, it is possible to protect the internal circuit from dishonesty such as the reverse engineering, etc. of operation of the internal circuit by utilizing the debug I/F of the third person, and to hold the security higher than the conventional device.

Abstract

Authentication circuits 2-3 to 2-11 are provided between a debug I/F circuit 2-1 and a debug terminal. The authentication circuit transmits a transmission key to externally at the time of activation, and authenticates from a received signal and the transmission key, and enables to access a debug I/F. It is possible to prevent a spurious access from the debug I/F by a third person by the authentication circuit.

Description

    BACKGROUND OF THE INVENTION
  • 1. Field of the Invention [0001]
  • The present invention relates to an IC, an electronic device, a method for debugging the IC, a method for debugging the electronic device, and a debugger, having a security function for preventing a spurious acquisition of a behavior of an internal circuit of the IC. [0002]
  • 2. Description of the Related Arts [0003]
  • In every field such as an electronic commerce, etc., a device of higher security is demanded. For this reason, various methods for preventing a reverse engineering in the device are devised. However, irrespective of these trials, a reverse engineering ROM, or the like is prepared, and an abuse for a reluctant use for a developer of the device does not become extinct. For this reason, a system in which a third person is incapable of engineering operation itself of the device is demanded. [0004]
  • FIG. 9 is an explanatory diagram of the prior art. As shown in FIG. 9, an [0005] LSI 110 is provided with a CPU 200, a peripheral circuit 300, and a bus 600 for connecting therewith. In this LSI 110, the CPU 200 acquires data or programs from the peripheral circuit 300, and processes the data, and outputs them to the peripheral circuit 300.
  • On the other hand, in the case where the device is developed by use of this [0006] LSI 110, a processing behavior of the CPU 200 is directly monitored, and the programs or the like are verified. A verification method for monitoring output data of the peripheral circuit 300 is executed, but a behavior of the CPU 200 up to the output cannot be elucidated from the output data.
  • For this reason, the [0007] CPU 200 is provided with a debug I/F (interface) circuit 400 via another bus 500. An external debug controller 100 of the LSI 110 is connected to the debug I/F 400, and supplies a clock CLK, and inputs a signal SIN, and obtains an output SOUT.
  • This debug I/[0008] F circuit 400 is exploited for acquiring a behavior (contents of a program counter, a register, or the like) of the CPU 200 at the time of developing the device, and in the case where the device is shipped to a field, the debug I/F circuit 400 is similarly exploited at the time of the occurrence of a fault, and at the time of diagnosing the device.
  • A security function is not provided in the prior art with respect to an access from the debug I/[0009] F 400, as described above.
  • In the device which does not require a conventional normal security, a debug I/F terminal is seen from outside irrespective of the time of being unused/the time of being used, and is entirely defenseless for the exploitation by the third person. For this reason, in the case of the device shipped to the field, the third person uses the debug I/F terminal, so that a behavior of a central processing unit (CPU) can accurately and readily be made reverse engineering, and it needs high-performance in security. [0010]
  • However, in the case where the conventional device uses the CPU provided with the debug I/F function, a clue of analysis is given to the third person. For example, in the case of a POS register using the CPU with the debug I/F function, a debug unit of the debug I/F is connected to a personal computer, etc., so that even data such as a password, a cryptographic key, or the like can readily be searched. [0011]
  • SUMMARY OF THE INVENTION
  • It is therefore the object of the present invention to provide an IC, an electronic device, a debug method, and a debugger for restricting a use of a debug I/F and preventing a spurious reverse engineering by a third person. [0012]
  • It is another object of the present invention to provide an IC, an electronic device, a debug method, and a debugger in which an authentication logic is provided between the debug I/F circuit in the LSI and an external terminal, and a restriction is formed in exploiting the debug I/F. [0013]
  • It is yet another object of the present invention to provide an IC, an electronic device, a debug method, and a debugger for preventing the engineering of the authentication logic between the debug I/F circuit in the LSIs and the external terminal. [0014]
  • It is a further object of the present invention to provide an IC, an electronic device, a debug method, and a debugger for detecting the spurious reverse engineering by a third person which restricts the use of the debug I/F. [0015]
  • In order to attain the above objects, according to a first aspect of the present invention there is provided an IC comprising an internal circuit; a debug I/F circuit for debugging the internal circuit from externally; and an authentication circuit which is provided between the debug I/F circuit and a debug terminal, and when the debug I/F circuit is activated, transmits a transmission key from the debug terminal to outside, and authenticates from a signal received from the debug terminal and a transmission key, and enables operation of the debug I/F circuit. [0016]
  • According to a second aspect of the present invention there is provided an electronic device mounting with an IC, the IC comprising an internal circuit; a debug I/F circuit for debugging the internal circuit from externally; and an authentication circuit which is provided between the debug I/F circuit and the debug terminal, and when the debug I/F circuit is activated, transmits the transmission key from the debug terminal to outside, and collates the signal received from the debug terminal with the transmission key, and enables operation of the debug I/F circuit. [0017]
  • According to a third aspect of the present invention there is provided a debugging method comprising the steps of transmitting the transmission key to externally when the debug I/F circuit is activated; and authenticating the signal received from externally and the transmission key to enable operation of the debug I/F circuit. [0018]
  • According to a fourth aspect of the present invention there is provided a debugger for debugging an IC, the IC comprising an internal circuit; a debug I/F circuit for externally debugging the internal circuit; and an authentication circuit which is provided between the debug I/F circuit and the debug terminal, and when the debug I/F circuit is activated, transmits the transmission key from the debug terminal to outside, and collates the signal received from the debug terminal with the transmission key, and enables operation of the debug I/F circuit, further comprising: the discrimination device which is provided between a debug unit and the debug I/F circuit, and receives the transmission key to encode it by a predetermined key, and transmits the reception signal. [0019]
  • Since an authentication circuit is provided between the debug I/F circuit and the debug terminal, it is possible to protect an internal circuit from a dishonesty as performing reverse engineering a motion of the internal circuit, etc. by exploiting the debug I/F of the third person, and to hold security higher than a conventional device. [0020]
  • Furthermore, since the security is performed by a physical connection and an authentication algorithm by a set of a discrimination device and an IC, the high security is enabled. Furthermore, a spurious engineering by a PC (personal computer) is difficult. [0021]
  • Furthermore, in the debugging method according to the present invention, the authentication step has a step of canceling a reset signal to the debug I/F circuit for enabling of the operation. In the LSI according to the present invention, the authentication circuit cancels the reset signal to the debug I/F circuit for enabling of the operation. For this reason, even if authenticated, it is possible to realize by cancellation of the existent reset. [0022]
  • Furthermore, in the LSI according to the present invention, the authentication circuit forms an authentication key that is encoded the transmission key by a predetermined key, and compares the reception signal with the authentication key. In the debugging method according to the present invention, the authentication step has a step of forming the authentication key that is encoded the transmission key by the predetermined key, and of collating the reception signal with the authentication key. As encoded, the higher security is possible. [0023]
  • In the LSI according to the present invention, the authentication circuit awaits a time of the operation enabling. In the debugging method according to the present invention, the authentication step has a step of waiting a time of the operation enabling. Before and after judgment of a serial data key, a waiting time is provided after the end of agreement judgment by use of a timer. For this reason, even if the third person inputs any cryptographic key data, it takes much time to obtain authentication results (reset). This causes to prevent the use of the spurious debug I/F by the third person, and furthermore when retrying several times, it takes enormous time. [0024]
  • In the LSI according to the present invention, the authentication circuit forms the transmission key with random numbers, whereby each time serial data (transmission key) to be transmitted are activated, the random numbers are based, so that the serial data are set as transmission and reception data different every time, rendering the analysis thereof difficult.[0025]
  • BRIEF DESCRIPTION OF THE DRAWINGS
  • FIG. 1 is a block diagram of an LSI according to an embodiment of the present invention; [0026]
  • FIG. 2 is an explanatory diagram of an authentication processing of FIG. 1; [0027]
  • FIG. 3 is an explanatory diagram of a debugging method of the LSI of FIG. 1; [0028]
  • FIG. 4 is an explanatory diagram of preventing a spurious access to the LSI of FIG. 1; [0029]
  • FIG. 5 is an explanatory processing of another authentication processing of FIG. 1; [0030]
  • FIG. 6 is an explanatory diagram of an electronic device mounting the LSI of FIG. 1; [0031]
  • FIG. 7 is a block diagram of a peripheral circuit of FIG. 1; FIG. 8 is a configuration diagram of a POS system mounting the LSI of FIG. 6; and [0032]
  • FIG. 9 is an explanatory diagram of the prior art.[0033]
  • DESCRIPTION OF THE PREFERRED EMBODIMENTS
  • The preferred embodiments of the present invention will now be described by sorting it into a LSI, an electronic device, and other embodiments. [0034]
  • [LSI ][0035]
  • FIG. 1 is a block diagram of an LSI and a debug mechanism according to a first embodiment of the present invention, and FIG. 2 is an explanatory diagram of the authentication processing, and FIG. 3 is a diagram for explaining operation at the time of a due use, and FIG. 4 is a diagram for explaining operation at the time of a spurious use. [0036]
  • In FIG. 1, [0037] reference numeral 2 denotes a system LSI with a CPU, and a debug I/F utilization authentication circuit according to the present invention is provided to the LSI 2. Reference numeral 1 denotes an external debug controller for utilizing the debug I/F inside the LSI 2. Reference numeral 3 denotes a discrimination device, which is used by interposing it between the LSI 2 and the debug controller 1, so as to interlock with the authentication circuit inside the LSI 2 and authenticate.
  • The [0038] LSI 2 has a debug I/F circuit 2-1, a CPU 2-2, a debug bus 4-1 for connecting an I/F circuit 2-1 and the CPU 2-2, and a peripheral circuit 2-12 connected to a CPU bus 4-2. The peripheral circuit 2-12 is different according to the use of LSIs, for example, an electronic money funds transferring circuit that will be explained in FIG. 6 on.
  • In the embodiment of the present invention, the authentication circuit is provided in this CPU bus [0039] 4-2. A structure of the authentication circuit is explained.
  • A port [0040] 4-2 receives write data of the CPU 2-2 from the bus 4-2. A register 2-5 stores a debug I/F utilization transmission key formed by the CPU 2-2. A register 2-8 stores an authentication key formed by the CPU 2-2. A transmission circuit 2-4 transmits the transmission key of the register 2-5 in synchronism with a clock supplied by the discrimination device 3. A shift register 2-6 receives a cryptographic key returned from the discrimination device 2.
  • An agreement detection circuit [0041] 2-9 compares a cryptographic key of the shift register 2-6 with an authentication key of a register 2-8, and detects an agreement. A timer circuit 2-7 starts counting clocks in response to an agreement detection output of the agreement detection circuit 2-9, and forms a signal for canceling a reset signal to the internal debug I/F circuit 2-1 after a constant time. A reset gate 2-11 cancels an input to the debug I/F circuit 2-1 of the reset signal according to a reset cancellation signal. A reception-enabling gate 2-10 enables the shift register 2-6 which fetches in data from a signal input terminal SIN in response to a reception-enabling signal from a transmission circuit 2-4.
  • Next, the [0042] discrimination device 3 is provided with a key reception circuit 3-1. When the discrimination 3 is turned on, the key reception circuit 3-1 transmits clocks and receives the aforesaid transmission key, and encodes it by a key determined previously and transmits the cryptographic key.
  • Next, an operational procedure capable of utilizing the debug I/F will be explained with reference to FIGS. 1 and 2. As shown in FIG. 1, the [0043] debug controller 1 utilizing the debug I/F is connected to the LSI 2 via the discrimination device 3.
  • {circle over (1)} First, the [0044] LSI 2 and discrimination device 3 are turned on and activated. Then, a clock is supplied from the discrimination device 3 to the debug I/F 2-1 of the LSI 2. Concurrently, the CPU 2-2 is activated in the LSI 2, and the LSI 2 forms the debug I/F utilizing transmission key and authentication key by a firmware, and writes them into the registers 2-5, 2-8 via the bus 4-2 and port 2-3. At this time, the transmission key is formed based on a random number, and then the authentication key is generated by encoding the transmission key by a predetermined key.
  • {circle over (2)} When the key is written, the transmission circuit [0045] 2-4 transmits the transmission key in synchronism with a clock supplied by the discrimination device 3.
  • {circle over (3)} The key transmission and reception circuit [0046] 3-1 in the discrimination device 3 receives the transmission key, and encodes the transmission key by the key determined previously, and transmits the cryptographic (encoded) key. The predetermined key at this time is same as the key used a little while ago by the firmware in the LSI 2.
  • {circle over (4)} In the [0047] LSI 2, the shift register 2-6 receives the returned the cryptographic key, and the agreement detection circuit 2-9 compares it with the authentication key of the register 2-8, and only in the case where agreed, the agreement detection circuit 2-9 transmits the agreement detection to the timer circuit 2-7. The timer circuit 2-7 waits for a constant time, and canceled a reset signal to the internal debug I/F 2-1 by the gate 2-11.
  • Thus, for the first time, the debug I/F circuit [0048] 2-1 of the LSI 2 can be utilized. Namely, the reset signal is transmitted from the debug controller 1 to the LSI 2, and resets the debug I/F circuit 2-1, and utilizes the debug I/F circuit 2-1, and can access the CPU 2-2.
  • As shown in FIG. 3, a LSI provider offers the [0049] LSI 2 and discrimination device 3 to a developer for an apparatus. The encryption key of the LSI 2 is same with the encryption key of the discrimination device 3. The developer mounts the LSI 2 on the target board 7, and develops the device.
  • In the case where the debug is performed, the [0050] LSI 2 is connected to the discrimination device 3, which is connected to the debug controller 1, the PC interface board 6, and the personal computer 5. When the discrimination device 3 intervenes therebetween, the above authentication sequence works to cancel a reset, so that the debugger on the PC 5 can utilize the debug I/F circuit 2-1. Furthermore, even after the device is shipped to a field, the discrimination device 3 is connected, thereby utilizing the debugger on the PC 5.
  • On the other hand, as shown in FIG. 4, in the case where the [0051] discrimination device 3 is not connected, the reset is not canceled in the debug I/F circuit 2-1 of the LSI 2, and the debugger of the PC 5 cannot access the CPU 2-2 of the LSI 2. For example, after the device is shipped to the field, it is possible to protect the CPU 2-2 from dishonesty such as reverse engineering of internal operation of the CPU 2-2 by utilizing the debug I/F of the third person, and to hold the higher security than the conventional device.
  • Namely, in a security technique such as a conventional password authentication, etc., if the password is leaked, the security function is not performed, and the password is easy to elucidate by retrying. Accordingly, the security technique is unfit as a security mechanism of the [0052] LSI 2 to be presented to a great number of users. According to this embodiment, since in order to realize the security with a set of the discrimination device 3 and LSI 2, the security is carried out by the physical connection and authentication algorithm, the high security is enabled. Furthermore, the spurious engineering by the PC 5 is difficult.
  • Furthermore, in some cases, since the aforesaid utilization authentication function is an encryption algorithm, a skillful spurious person knows existence of the authentication mechanism and tries the engineering by retrying the encryption key (data). According to this embodiment, since this engineering becomes difficult, the next technique is adopted. [0053]
  • First, after the serial data key is judged, waiting time is provided after end of the agreement judgment by use of the timer [0054] 2-7. For this reason, even if the third person inputs any cryptographic key data by connection of FIG. 4, it takes much time until obtaining authentication results (reset). Thus, the spurious debug I/F utilization by the third person is prevented, and it takes enormous time when retrying several times.
  • Second, each time the serial data (transmission key) to be transmitted are activated, the random numbers are based, so that the engineering becomes difficult as set as transmission and reception data different each time. [0055]
  • Third, the reception operation of the shift register is conducted for a constant time after the transmission key is transmitted, and only one time reception is made at the time of one time activation, and since if data are repeatedly input, not accepted, the engineering is difficult. [0056]
  • Next, in FIG. 5, the authentication processing according to another embodiment of the present invention will be explained. [0057]
  • {circle over (1)} First of all, when the [0058] LSI 2 and discrimination device 3 are turned on, a clock is supplied from the discrimination device 3 to the debug I/F 2-1 of the LSI 2. Concurrently, in the LSI 2, the CPU 2-2 is activated to form the debug I/F utilization transmission key and authentication key by the firmware, as described above, to write them into the registers 2-5, 2-8 via the bus 4-2 and the port 2-3.
  • {circle over (2)} When the key is written, in synchronism with the clock supplied by the [0059] discrimination device 3, the transmission circuit 2-4 transmits the transmission key.
  • {circle over (3)} The key transmission and [0060] reception circuit 3 in the discrimination device 3 receives the transmission key, and encodes the transmission key by the key determined previously, and transmits the cryptographic (encoded) key. The predetermined key at this time is same with the key used a little while ago by the firmware in the LSI 2. The discrimination 3 annexes a user ID and transmits it to the LSI 2.
  • {circle over (4)} In the [0061] LSI 2, the shift register 2-6 receives the returned cryptographic key, and the agreement detection circuit 2-9 compares it with the authentication key of the register 2-8, and only in the case where agreed, the agreement detection circuit 2-9 transmits the agreement detection to the timer circuit 2-7. After the timer circuit 2-7 waits for a constant time, the timer circuit 2-7 cancels an input of the reset signal to the internal debug I/F 2-1 of the gate 2-11. Furthermore, the user ID is logged. For this reason, if information of the transmission key should be leaked, it is possible to specify which user has leaked, from the logged user IDs.
  • According to the embodiment of the present invention, the [0062] description device 3 adopts a method of encoding the received transmission key and use ID by the key, thereby preventing that the user ID is readily changed.
  • [Electronic Devices ][0063]
  • Next, electronic devices mounting the [0064] aforesaid system LSI 2 will be explained. FIG. 6 is an explanatory diagram of an example to which the system LSI 2 is applied, and FIG. 7 is a structural diagram of a peripheral circuit of the LSI 2 in this application example, and FIG. 8 is an explanatory diagram of the electronic devices.
  • As shown in FIG. 6, the [0065] system LSI 2 is a card funds transferring LSI, and has a debit card funds transfer function 40, a credit card funds transfer function 41, an electronic money funds transfer function 42, and other service functions 43. For this reason, the LSI 2 is connected to an IC card reader/writer 30, a magnetic card reader 31, and a display and key 32. Furthermore, as occasion arises, the LSI 2 is connected to a receipt printer 33. These funds transfer functions 40 to 43 are realized by execution of the programs of the CPU 2-2 of the LSI 2.
  • Accordingly, by mounting this [0066] LSI 2, a card funds transfer function is imparted to various electronic devices 50 to 57. These electronic devices are, for example, a POS (point of sales) reader/writer 50, an integrated terminal 51, a mobile terminal 52, an ATM (automatic teller machine) 53, an automatic vending machine 54, a PDA (personal digital assistant) 55, a portable telephone 56, and a PC (personal computer) 57.
  • The peripheral circuit [0067] 2-12 of the LSI 2 for the card funds transfer will be explained with reference to FIG. 7. The peripheral circuit 2-12 has a smart card controller 60, a MS (Magnetic stripe) control circuit 61, a LCD control circuit 62, a matrix KB control circuit 63, a memory controller 64, and serial I/O ports 69 to 72. In FIG. 7, the above LSI 2 indicates a condition of being mounted on the target board 7, and for clarity of description of the LSI 2, only the CPU 2-2 and peripheral circuit 2-12 (60-64, 69-72) are shown. Of course, the LSI 2 includes the debug I/F 2-1 and the authentication circuit.
  • The [0068] smart card controller 60 reads/writes data of the IC card (called a smart card) via the IC card reader/writer 30. The MS control circuit controls the MS (magnetic stripe) reader 31. The LCD control circuit 62 controls a display of the LCD (liquid crystal display) 32-1. The matrix KB control circuit 63 recognizes an input of a ten key 32-2. The memory controller 64 control an input/output into/from various memories (a ROM 65, a SRAM 66, a FLASH 67, a SDRAM 68) on the board 7. The serial ports 69 to 72 are connected to drivers 73 to 75 of the port 7 for inputting and outputting the serial data. These are each connected to the CPU bus 4-2.
  • FIG. 8 is a system configuration diagram of the electronic device mounting a funds transferring LSI, showing a POS (point of sales) system. The [0069] network 35 is connected to a store controller 20 and a plurality of POS terminals 10. The POS terminals 10 are connected to the IC card reader/writer 30. The store controller 20 and the plurality of POS terminals 10 are provided with the above funds transferring LSIs (called an IFD), which exchanges directly funds transfer data.
  • An IC card [0070] 34-1 for customers is exchanged messages with a POS IC card 34-2 via the IFD 2, and the POS IC card 34-2 is exchanged messages with the IC card 34-2 of the store controller 20 via an IFD 2, a terminal controller 11, a network 35, the terminal controller 11, and the IFD 2.
  • For example, in the case where the electronic funds transfer is carried out by the IC card, a customer's data of the IC card [0071] 34-1 are stored in the POS IC card 34-2 via the IFD 2. Thereafter, the stored data of the POS IC card 34-2 are stored in the IC card 34-2 of the store controller 20 via the IFD 2, the terminal controller 11, the network 35, the terminal controller 11, and the IFD 2.
  • In this system, as a route of the electronic funds transfer data is closed by the [0072] IFD 2, there is no fear that funds transfer data (a password, an accounting number, a balance, and the like) are leaked. Therefore, safety is high.
  • However, as described above, if accessing the CPU [0073] 2-2 by utilizing the debug I/F, it is possible to make a spurious acquisition of funds transfer data (a password, an accounting number, a balance, and the like), so that there is a fear of abusing. Accordingly, an authentication mechanism according to the present invention is, in particular, valid for such uses.
  • [Other Embodiments ][0074]
  • In addition to the aforesaid embodiments, the following modifications according to the present invention are possible: [0075]
  • (1) According to the aforesaid embodiments, the reset signal is canceled by the authentication, but a gate may be provided at a clock input side of the debug I/F [0076] 2-1, so that a clock input is enabled by the authentication.
  • (2) According to the aforesaid embodiments, the waiting time are provided by the timer after the agreement judgment, but the waiting time may be performed for the judgment by the timer before the agreement judgment. [0077]
  • (3) In the case where the disagreement is detected by the agreement judgment, this can be notified to the peripheral circuit. Thus, the peripheral circuit judges as a spurious access, and for example, it is possible to make a disposition such as erasing of data required for the security. [0078]
  • (4) The system LSI is explained for the card funds transfer, but it may be used as the other applications. [0079]
  • (5) The explanation is made as the debug I/F of the CPU, but the present invention can be applied to the debug I/F of the other circuits. [0080]
  • Although the present invention has been described in light of the preferred embodiments thereof, the present invention could be variously modified without departing from the sprit of the present invention, and those modifications are not to be excluded from the scope of the invention. [0081]
  • As set forth hereinabove, according to the present invention, the following effects are presented. [0082]
  • Since the authentication circuit is provided between the debug I/F circuit and the debug terminal, it is possible to protect the internal circuit from dishonesty such as the reverse engineering, etc. of operation of the internal circuit by utilizing the debug I/F of the third person, and to hold the security higher than the conventional device. [0083]
  • Furthermore, since the security is carried out by the physical connection and authentication algorithm with a set of the [0084] discrimination device 3 and LSI 2, therefore, the high security is enabled. Furthermore, the spurious engineering by the PC 5 is difficult.

Claims (17)

What is claimed is:
1. An IC comprising;
an internal circuit;
a debug I/F circuit for debugging the internal circuit from externally; and
an authentication circuit which is provided between the debug I/F circuit and a debug terminal for connecting outside, and for transmitting a transmission key from the debug terminal to outside, and authenticating from a signal received from the debug terminal and said transmission key to enable operation of the debug I/F circuit.
2. The IC according to claim 1, wherein the authentication circuit cancels a reset signal to the debug I/F circuit for enabling the operation.
3. The IC according to claim 1, wherein the authentication circuit generates an authentication key that is encrypted the transmission key by a predetermined key, and collates said reception signal with the authentication key.
4. The IC according to claim 1, wherein the authentication circuit time-awaits the operation enabling.
5. The IC according to claim 1, wherein the authentication circuit generates the transmission key by random numbers.
6. An electronic device mounted with an IC, said IC comprising;
an internal circuit;
a debug I/F circuit for debugging the internal circuit from externally; and
an authentication circuit which is provided between the debug I/F circuit and a debug terminal for connecting outside, and for transmitting a transmission key from the debug terminal to outside, and collating the signal received from the debug terminal with the transmission key to enable operation of the debug I/F circuit.
7. The electronic device according to claim 6, wherein the authentication circuit cancels the reset signal to the debug I/F circuit for enabling the operation.
8. The electronic device according to claim 6, wherein the authentication circuit generates the authentication key that is encrypted the transmission key by a predetermined key, and collates the reception signal with the authentication key.
9. The electronic device according to claim 6, wherein the authentication circuit time-awaits the operation enabling.
10. The electronic device according to claim 6, wherein the authentication circuit forms the transmission key by the random numbers.
11. A debugging method for utilizing a debug I/F circuit and debugging an internal circuit from externally, comprising the steps of:
transmitting a transmission key to externally when the debug I/F circuit is activated; and
authenticating the signal received from externally and the transmission key to enable operation of the debug I/F circuit.
12. The debugging method according to claim 11, wherein the authentication step includes a step of canceling a reset signal to the debug I/F circuit for enabling the operation.
13. The debugging method according to claim 11, wherein the authentication step includes;
a step of generating a authentication key that is encrypted the transmission key by a predetermined key, and
a step of collating the received signal with the authentication key.
14. The debugging method according to claim 11, wherein the authentication step has a step of time-awaiting the operation enabling.
15. The debugging method according to claim 11, wherein the transmission step has a step of forming the transmission key by the random numbers.
16. The debugging method according to claim 11, wherein further comprising;
a step of receiving the transmission key and encoding by a predetermined key, and transmitting the received signal with a discrimination device provided between a debugger and the debug I/F circuit.
17. A debugger for debugging an IC, the IC comprising an internal circuit; a debug I/F circuit for debugging the internal circuit; and an authentication circuit which is provided between the debug I/F circuit and the debug terminal, said debugger comprising;
a debug unit for debugging said LSI; and
a discrimination device which is provided between said debug unit and said debug I/F circuit, and for receiving a transmission key from said authentication circuit, encrypting said transmission key by a predetermined key, and transmitting the encrypted key to said authentication circuit to enable debugging of said IC by said debug unit.
US09/784,151 2000-06-30 2001-02-16 IC, IC-mounted electronic device, debugging method and IC debugger Expired - Fee Related US7080258B2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP2000-199266 2000-06-30
JP2000199266A JP4409056B2 (en) 2000-06-30 2000-06-30 LSI, LSI mounted electronic device, debugging method, LSI debugging device

Publications (2)

Publication Number Publication Date
US20020010856A1 true US20020010856A1 (en) 2002-01-24
US7080258B2 US7080258B2 (en) 2006-07-18

Family

ID=18697312

Family Applications (1)

Application Number Title Priority Date Filing Date
US09/784,151 Expired - Fee Related US7080258B2 (en) 2000-06-30 2001-02-16 IC, IC-mounted electronic device, debugging method and IC debugger

Country Status (3)

Country Link
US (1) US7080258B2 (en)
EP (1) EP1168181A3 (en)
JP (1) JP4409056B2 (en)

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030005335A1 (en) * 2001-06-28 2003-01-02 Hidekazu Watanabe Protecting secured codes and circuits in an integrated circuit
US20060005260A1 (en) * 2004-06-24 2006-01-05 Hiroyoshi Haruki Microprocessor
US20060112241A1 (en) * 2004-11-24 2006-05-25 Yoav Weiss System, method and apparatus of securing an operating system
US20060248393A1 (en) * 2005-04-28 2006-11-02 Kabushiki Kaisha Toshiba Electronic apparatus
US20070016959A1 (en) * 2005-07-15 2007-01-18 Yuichi Ikeda Information processing device and information processing system
US20080098224A1 (en) * 2006-10-24 2008-04-24 Spreadtrum Communications Corporation Processes and apparatus for establishing a secured connection with a joint test action group port
US20120250865A1 (en) * 2011-03-23 2012-10-04 Selerity, Inc Securely enabling access to information over a network across multiple protocols
US9330268B2 (en) 2009-05-21 2016-05-03 Samsung Electronics Co, Ltd. Storage devices with secure debugging capability and methods of operating the same
US20160266623A1 (en) * 2015-03-10 2016-09-15 Canon Kabushiki Kaisha Information processing apparatus, method for controlling information processing apparatus, and storage medium
US20170081573A1 (en) * 2014-05-23 2017-03-23 3M Innovative Properties Company A Discontinuous Silicone Adhesive Article
US20170342299A1 (en) * 2013-06-24 2017-11-30 3M Innovative Properties Company Pressure-Sensitive Adhesive Layers with Surface-Enriched Stripes and Methods of Making
US10705141B2 (en) * 2017-10-11 2020-07-07 Stmicroelectronics (Rousset) Sas Method for managing a return of a product for analysis and corresponding product

Families Citing this family (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP4409056B2 (en) * 2000-06-30 2010-02-03 富士通株式会社 LSI, LSI mounted electronic device, debugging method, LSI debugging device
JP4552366B2 (en) 2001-07-09 2010-09-29 日本電気株式会社 Mobile portable terminal, position search system, position search method and program thereof
EP1443338A1 (en) * 2003-02-03 2004-08-04 STMicroelectronics Limited Secure test arrangement
US7444546B2 (en) 2003-04-17 2008-10-28 Arm Limited On-board diagnostic circuit for an integrated circuit
JP2007226276A (en) * 2004-03-24 2007-09-06 Matsushita Electric Ind Co Ltd Debug permission device system
JP3804670B2 (en) * 2004-04-21 2006-08-02 セイコーエプソン株式会社 Semiconductor device, electronic device, and access control method for semiconductor device
JP4559794B2 (en) * 2004-06-24 2010-10-13 株式会社東芝 Microprocessor
JP4814993B2 (en) * 2007-03-27 2011-11-16 富士通株式会社 Device to be debugged, authentication program, and debug authentication method
US9141776B2 (en) 2008-04-30 2015-09-22 Telefonaktiebolaget Lm Ericsson (Publ) Method and apparatus for secure hardware analysis
JP2010067089A (en) * 2008-09-11 2010-03-25 Toshiba Corp System lsi
US8266684B2 (en) * 2008-09-30 2012-09-11 General Instrument Corporation Tokenized resource access
US8484451B2 (en) * 2010-03-11 2013-07-09 St-Ericsson Sa Method and apparatus for software boot revocation
EP2746952B1 (en) 2012-12-18 2017-02-08 Neopost Technologies Secured management of traces in a mail processing device
WO2017072664A1 (en) * 2015-10-27 2017-05-04 Marvell World Trade Ltd. System and method for establishing a trusted diagnosis/debugging agent over a closed commodity device
US11665002B2 (en) 2020-12-11 2023-05-30 International Business Machines Corporation Authenticated elevated access request

Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4908038A (en) * 1987-10-29 1990-03-13 Toppan Printing Co., Ltd High-security integrated-circuit card
US5704039A (en) * 1994-07-25 1997-12-30 Motorola, Inc. Mask programmable security system for a data processor and method therefor
US5784464A (en) * 1995-05-02 1998-07-21 Fujitsu Limited System for and method of authenticating a client
US5978937A (en) * 1994-12-28 1999-11-02 Kabushiki Kaisha Toshiba Microprocessor and debug system
US6073176A (en) * 1996-07-29 2000-06-06 Cisco Technology, Inc. Dynamic bidding protocol for conducting multilink sessions through different physical termination points
US6374354B1 (en) * 1997-07-15 2002-04-16 Silverbrook Research Pty Ltd Consumable authentication protocol and system
US6622184B1 (en) * 1999-06-04 2003-09-16 Kabushiki Kaisha Toshiba Information processing system
US6757829B1 (en) * 1998-05-29 2004-06-29 Texas Instruments Incorporated Program debugging system for secure computing device having secure and non-secure modes
US6769065B2 (en) * 1998-08-06 2004-07-27 Infineon Technologies Ag Access authorization device for controlling access requested by an OCDS module

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP4409056B2 (en) * 2000-06-30 2010-02-03 富士通株式会社 LSI, LSI mounted electronic device, debugging method, LSI debugging device

Patent Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4908038A (en) * 1987-10-29 1990-03-13 Toppan Printing Co., Ltd High-security integrated-circuit card
US5704039A (en) * 1994-07-25 1997-12-30 Motorola, Inc. Mask programmable security system for a data processor and method therefor
US5978937A (en) * 1994-12-28 1999-11-02 Kabushiki Kaisha Toshiba Microprocessor and debug system
US5784464A (en) * 1995-05-02 1998-07-21 Fujitsu Limited System for and method of authenticating a client
US6073176A (en) * 1996-07-29 2000-06-06 Cisco Technology, Inc. Dynamic bidding protocol for conducting multilink sessions through different physical termination points
US6374354B1 (en) * 1997-07-15 2002-04-16 Silverbrook Research Pty Ltd Consumable authentication protocol and system
US6757829B1 (en) * 1998-05-29 2004-06-29 Texas Instruments Incorporated Program debugging system for secure computing device having secure and non-secure modes
US6769065B2 (en) * 1998-08-06 2004-07-27 Infineon Technologies Ag Access authorization device for controlling access requested by an OCDS module
US6622184B1 (en) * 1999-06-04 2003-09-16 Kabushiki Kaisha Toshiba Information processing system

Cited By (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030005335A1 (en) * 2001-06-28 2003-01-02 Hidekazu Watanabe Protecting secured codes and circuits in an integrated circuit
US7707645B2 (en) * 2004-06-24 2010-04-27 Kabushiki Kaisha Toshiba Microprocessor
US20060005260A1 (en) * 2004-06-24 2006-01-05 Hiroyoshi Haruki Microprocessor
US20060112241A1 (en) * 2004-11-24 2006-05-25 Yoav Weiss System, method and apparatus of securing an operating system
WO2006056988A2 (en) * 2004-11-24 2006-06-01 Discretix Technologies Ltd. System, method and apparatus of securing an operating system
WO2006056988A3 (en) * 2004-11-24 2006-12-21 Discretix Technologies Ltd System, method and apparatus of securing an operating system
GB2435780A (en) * 2004-11-24 2007-09-05 Discretix Technologies Ltd System,method and apparatus of securing an operating system
US20060248393A1 (en) * 2005-04-28 2006-11-02 Kabushiki Kaisha Toshiba Electronic apparatus
US20070016959A1 (en) * 2005-07-15 2007-01-18 Yuichi Ikeda Information processing device and information processing system
US20080098224A1 (en) * 2006-10-24 2008-04-24 Spreadtrum Communications Corporation Processes and apparatus for establishing a secured connection with a joint test action group port
US9330268B2 (en) 2009-05-21 2016-05-03 Samsung Electronics Co, Ltd. Storage devices with secure debugging capability and methods of operating the same
US20120250865A1 (en) * 2011-03-23 2012-10-04 Selerity, Inc Securely enabling access to information over a network across multiple protocols
US20170342299A1 (en) * 2013-06-24 2017-11-30 3M Innovative Properties Company Pressure-Sensitive Adhesive Layers with Surface-Enriched Stripes and Methods of Making
US20170081573A1 (en) * 2014-05-23 2017-03-23 3M Innovative Properties Company A Discontinuous Silicone Adhesive Article
US20160266623A1 (en) * 2015-03-10 2016-09-15 Canon Kabushiki Kaisha Information processing apparatus, method for controlling information processing apparatus, and storage medium
US10133326B2 (en) * 2015-03-10 2018-11-20 Canon Kabushiki Kaisha Information processing apparatus, method for controlling information processing apparatus, and storage medium for establishing link-up between communication devices
US10705141B2 (en) * 2017-10-11 2020-07-07 Stmicroelectronics (Rousset) Sas Method for managing a return of a product for analysis and corresponding product
US11143701B2 (en) 2017-10-11 2021-10-12 Stmicroelectronics (Rousset) Sas Method for managing a return of a product for analysis and corresponding product

Also Published As

Publication number Publication date
EP1168181A3 (en) 2006-03-01
JP2002014838A (en) 2002-01-18
JP4409056B2 (en) 2010-02-03
EP1168181A2 (en) 2002-01-02
US7080258B2 (en) 2006-07-18

Similar Documents

Publication Publication Date Title
US7080258B2 (en) IC, IC-mounted electronic device, debugging method and IC debugger
EP1318456B1 (en) Electronic apparatus and debug authorization method
USRE47621E1 (en) Secure transaction microcontroller with secure boot loader
US8675868B1 (en) Encrypting an address-dependent value along with code to prevent execution or use of moved code
US20210258784A1 (en) Detection of a rerouting of a communication channel of a telecommunication device connected to an nfc circuit
US20070067634A1 (en) System and method for restricting access to a terminal
US20140195429A1 (en) Method for protecting cardholder data in a mobile device that performs secure payment transactions and which enables the mobile device to function as a secure payment terminal
JPS6256556B2 (en)
CN101166085A (en) Remote unlocking method and system
US7246375B1 (en) Method for managing a secure terminal
US20070174615A1 (en) Method and device for communication using random codes
EP1082710A1 (en) Preloaded ic-card and method for authenticating the same
WO2007010333A1 (en) Host security module using a collection of smartcards
US6662151B1 (en) System for secured reading and processing of data on intelligent data carriers
US20060289656A1 (en) Portable electronic apparatus and data output method therefor
CN111414605B (en) Unlocking method and device of embedded security unit, electronic equipment and storage medium
Petri An introduction to smart cards
JP5923727B2 (en) Information processing system
US9652232B2 (en) Data processing arrangement and method for data processing
TWI646481B (en) Pairing authentication method for electronic transaction device
EP1486908A1 (en) Smart card with two I/O ports for linking secure and insecure environments
JP2010160765A (en) System lsi and debugging method thereof
US9195857B2 (en) Computational system
WO2021054854A1 (en) Generation and use of a trusted digital image of a document
Silbermann et al. Security Analysis of Contactless Payment Systems in Practice

Legal Events

Date Code Title Description
AS Assignment

Owner name: FUJITSU LIMITED, JAPAN

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:KAWASAKI, YUSUKE;HASHIMOTO, SHIGERU;REEL/FRAME:011562/0338

Effective date: 20010118

FEPP Fee payment procedure

Free format text: PAYOR NUMBER ASSIGNED (ORIGINAL EVENT CODE: ASPN); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

FPAY Fee payment

Year of fee payment: 4

REMI Maintenance fee reminder mailed
LAPS Lapse for failure to pay maintenance fees
STCH Information on status: patent discontinuation

Free format text: PATENT EXPIRED DUE TO NONPAYMENT OF MAINTENANCE FEES UNDER 37 CFR 1.362

FP Lapsed due to failure to pay maintenance fee

Effective date: 20140718